• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
  • ChatGPT
    • Does ChatGPT Save Data?
AskCyber Home » News » Jobs » Sr IT Governance, Risk & Compliance Analyst Job

Sr IT Governance, Risk & Compliance Analyst Job

2018-03-21 by Michelle Dvorak

Sr. IT Governance, Risk & Compliance Analyst

JOB SUMMARY

The IT Governance, Risk and Compliance (GRC) Analyst, Senior is responsible for executing tasks and participating in projects in support of IT’s governance, audit, risk and compliance framework, policies and processes. Under limited direction, audits and assesses risk on the most complex new and existing information systems applications to ensure that appropriate controls exist, that processing is efficient and accurate, and that information systems procedures are in compliance with corporate standards. Understands IT GRC (Governance, Risk and Compliance) concepts, practices, and procedures at the highest levels.

ESSENTIAL FUNCTIONS

Participates in all aspects of audit activities including risk assessments, planning, testing, control evaluation, documentation, report drafting, issue clearance with technology stakeholders, and follow-up/verification of issue closure. Identifies risks, designs controls and creates testing procedures. Participates in both standalone technology and business integrated audits. Monitors various projects with major application development initiatives, and performing continuous risk assessments of coverage areas. Generates and maintains reporting to accurately reflect the current state of the program to senior management and regulators, while partnering with the Operational Risk Management team to ensure alignment of the NYCB IT risk control and self-assessment with the larger business risk control and self-assessment program and goals. Partners with Audit team members in other business areas to ensure the delivery of a seamless program of control and audit risk coverage. Conducts quality assurance reviews of risk control and self-assessments. Partners with IT teams to identify and correct process control design and execution issues. Facilitates GRC activities as needed with examiners (FDIC). Participates and facilitates monthly, quarterly and annual review activities. Contributes to the continued development of internal controls awareness within the IT organization. Facilitates IT SOX policies, narratives, and control self-assessment documentation. Creates and maintains IT control documentation. Manages application permission review campaigns. Develops recommendations to improve the IT internal control environment. Facilitates the remediation of IT internal control deficiencies. Participates in risk assessment activities across the IT organization, including 3rd party technical risk assessments. Participates in risk management, compliance, and internal control initiatives as needed. Performs technical research on risk topics. Keeps current on latest technologies and best practices relative to their area of responsibility. Recognizes and recommends areas needing improvement. Participates in the development of IT strategies in collaboration with IT peers and the executive team. Ensures compliance with corporate and IT policies and procedures. Integrates corporate methodologies and standards, as appropriate. May provide guidance/training to more junior staff. Performs special projects, and additional duties and responsibilities as required. Where applicable and when performing the responsibilities of the job, employees are accountable to maintain Sarbanes-Oxley compliance and adhere to internal control policies and procedures.

For more information visit http://ow.ly/DQhk30j5C3n

EDUCATION AND EXPERIENCE

Bachelor’s degree in Technology, Accounting, Finance or Business or equivalent relevant work experience. Five (5) to eight (8) years of internal controls, audit, information security, risk management or technology process experience. CISA/CISSP/PMP preferred. Financial services experience preferred. Experience with compliance and/or control frameworks preferred. Experience with Sarbanes-Oxley compliance preferred.

KNOWLEDGE, SKILLS AND ABILITIES

Knowledge of COBIT and COSO and Sarbanes Oxley legislation and impact, and other regulations. Basic understanding of key IT impacting banking regulations and standards such as GLBA and PCI. Demonstrated ability to apply analytical skills in dealing with issues that are not readily defined or that conflict with available information. Strong verbal and written communication skills. Solid understanding of industry standard IT general controls. Demonstrated facilitation and project management skills. Willingness to learn. Understanding of business process controls preferred. Computer literate with proficiency in Windows 7, Microsoft Office and Microsoft Project. Excellent planning, time management, and follow through skills. Independent/self-starter. Excellent problem solving skills. Ability to adapt to changing requirements. Ability to document processes, roles, key decisions, and other work session outputs. Attention to detail and ability to implement. Ability to influence others preferred. Ability to maintain organizational relationships with both business and IS. Ability to maintain organizational respect and trust. Ability to handle multiple tasks concurrently. Ability to rely on experience and judgment to plan and accomplish initiatives. Ability to serve as a resource to others in the resolution of complex problems. Ability to delegate and review the work of employees. Ability to maintain a professional composure with clients in difficult situations. Ability to maintain confidentiality with regard to customer information and employee records.

For more information visit http://ow.ly/DQhk30j5C3n

Filed Under: Jobs

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Security Marketing Manager – Remote

Sr. Associate, Cybersecurity Architect – Pfizer

Strategic Customer Success Manager – Cybersecurity – Opportunity for Working Remotely

Top 20 Passwords Leaked on Dark Web

ISU Cybersecurity Leader Job Opening

Cyber Security News

Top 20 Passwords Leaked on Dark Web

… [Read More...] about Top 20 Passwords Leaked on Dark Web

Apple Warns of Actively Exploited Zero-Day Flaw

… [Read More...] about Apple Warns of Actively Exploited Zero-Day Flaw

IRS Stops Facial Recognition System for Online Access

… [Read More...] about IRS Stops Facial Recognition System for Online Access

National Cybersecurity Alliance Announces Data Privacy Week

… [Read More...] about National Cybersecurity Alliance Announces Data Privacy Week

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card DarkSide DHS DOJ Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware REvil Russia smartphone T-Mobile TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version